GNU Emacs, Org Mode: Multiple Vulnerabilities

Background GNU Emacs is a highly extensible and customizable text editor. Description Multiple vulnerabilities have been discovered in GNU Emacs. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no...

GLSA-202407-08 : GNU Emacs, Org Mode: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202407-08 GNU Emacs, Org Mode: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in GNU Emacs. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description...

Race Condition

Overview Affected versions of this package are vulnerable to Race Condition in OpenSSH's server sshd due to a signal handler race condition when a client does not authenticate within LoginGraceTime seconds 120 by default, 600 in old OpenSSH versions. An attacker can execute arbitrary code as root...

Glibc: off-by-one heap-based buffer overflow in __vsyslog_internal()

...

Glibc: heap-based buffer overflow in __vsyslog_internal()

...

[SECURITY] [DLA 3849-1] org-mode security update

Debian LTS Advisory DLA-3849-1 [email protected] https://www.debian.org/lts/security/ Sean Whitton June 29, 2024 https://wiki.debian.org/LTS Package : emacs Version : emacs 1:26.1+1-3.2+deb10u6 CVE ID : CVE-2024-39331 Debian Bug : 1074136 A vulnerability was discovered in GNU Emacs, the...

Debian dla-3848 : elpa-org - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3848 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3848-1 [email protected] https://www.debian.org/lts/security/...

OESA-2024-1756 wget security update

GNU Wget is a free software package for retrieving files using HTTP, HTTPS, FTP and FTPS the most widely-used Internet protocols. It is a non-interactive commandline tool, so it may easily be called from scripts, cron jobs, terminals without X-Windows support, etc. Security Fixes: url.c in GNU Wg...

OESA-2024-1755 aspell security update

GNU Aspell is a spell checker intended to replace Ispell. It can be used as a library and spell checker. Its main feature is that it provides much better suggestions than other inspectors, including Ispell and Microsoft Word. It also has many other technical enhancements to Ispell, such as the us...

OESA-2024-1754 aspell security update

GNU Aspell is a spell checker intended to replace Ispell. It can be used as a library and spell checker. Its main feature is that it provides much better suggestions than other inspectors, including Ispell and Microsoft Word. It also has many other technical enhancements to Ispell, such as the us...

Unspecified Vulnerability in GNU Emacs

GNU Emacs is a family of text editors in the American GNU community. GNU Emacs suffers from a security vulnerability that stems from specifying unsafe functions. No details of the vulnerability are provided at this time...

MGASA-2024-0240 Updated wget packages fix security vulnerability

url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host subcomponent. CVE-2024-38428...

Mageia: Security Advisory (MGASA-2024-0237)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Automad 2.0.0-alpha.4 - Stored Cross-Site Scripting (XSS)

Exploit Title: Automad 2.0.0-alpha.4 - Stored Cross-Site Scripting XSS Date: 20-06-2024 Exploit Author: Jerry Thomas w3bn00b3r Vendor Homepage: https://automad.org Software Link: https://github.com/marcantondahmen/automad Category: Web Application Flat File CMS Version: 2.0.0-alpha.4 Tested on:...

Malicious code in gcc-patch (npm)

--- -= Per source details. Do not edit below this line.=-...

Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2024-1811)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

FreeBSD : emacs -- Arbitrary shell code evaluation vulnerability (4f6c4c07-3179-11ef-9da5-1c697a616631)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 4f6c4c07-3179-11ef-9da5-1c697a616631 advisory. GNU Emacs developers report: Emacs 29.4 is an emergency bugfix release intended to fix a security...

GNU Emacs 安全漏洞

GNU Emacs is a family of text editors in the American GNU community. GNU Emacs suffers from a security vulnerability that stems from specifying unsafe functions. No details of the vulnerability are provided at this time...

GNU Global Code Execution Vulnerability

GNU Global is a free code tagging system for the US GNU community. A code execution vulnerability exists in GNU Global that stems from the use of shell metacharacters, no details of the vulnerability are provided at this time...

GNU libcdio Buffer Overflow Vulnerability

GNU libcdio is a library developed by the GNU Project for accessing CD-ROMs and CD images, and is mainly used to handle CD-ROM file system reading, directory structure parsing and other functions. A buffer overflow vulnerability exists in GNU libcdio, which can be exploited by an attacker to...